gitlab.flawfinder.realpath-1

137

Download Count*

License

Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: flawfinder.realpath-1
    languages:
      - c
    message: >
      Ensure that the destination buffer is at least of size MAXPATHLEN, andto
      protect against

      implementation problems, the input argument should also be checked to ensure it is no larger

      than MAXPATHLEN.
    metadata:
      cwe: "CWE-120: This function does not protect against buffer overflows, and some
        implementations can overflow internally (CWE-120/CWE-785!)"
      primary_identifier: flawfinder.realpath-1
      secondary_identifiers:
        - name: Flawfinder - realpath
          type: flawfinder_func_name
          value: realpath
      license: MIT
    pattern: realpath(...)
    severity: WARNING

Short Link: https://sg.run/P8jN